8 matches found

EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2025-28137

Malicious code in bioql PyPI...

9.8 CVSS · 6.5 AI score · 0.00575 EPSS
Exploits: 1 · References: 3
RedhatCVE
added 2025/05/20 11:16 p.m. · 12 views

CVE-2025-47945

Donetick is an open-source app for managing tasks and chores. Prior to version 0.1.44, the application uses JSON Web Tokens (JWT) for authentication, but the signing secret has a weak default value. While the responsibility is left to the system administrator to change it, this approach is inadequate...

9.8 CVSS · 6.8 AI score · 0.00575 EPSS
Exploits: 1 · References: 1
NVD
added 2025/05/17 7:15 p.m. · 12 views

CVE-2025-47945

Donetick is an open-source app for managing tasks and chores. Prior to version 0.1.44, the application uses JSON Web Tokens (JWT) for authentication, but the signing secret has a weak default value. While the responsibility is left to the system administrator to change it, this approach is inadequate...

9.8 CVSS · 0.00575 EPSS
Exploits: 1 · References: 3
Cvelist
added 2025/05/17 6:36 p.m. · 28 views

CVE-2025-47945 Donetick Has Weak Default JWT Secret

Donetick is an open-source app for managing tasks and chores. Prior to version 0.1.44, the application uses JSON Web Tokens (JWT) for authentication, but the signing secret has a weak default value. While the responsibility is left to the system administrator to change it, this approach is inadequate...

9.1 CVSS · 0.00575 EPSS
Exploits: 1 · References: 3
CVE
added 2025/05/17 6:36 p.m. · 78 views

CVE-2025-47945

Donetick is an open‑source task/chores app. Before v0.1.44, it uses JWT authentication with a weak default signing secret, enabling potential full account takeover of any user. The live version confirms the issue. A patch is available in v0.1.44; recommended mitigation is upgrading to 0.1.44 or l...

9.8 CVSS · 9.2 AI score · 0.00575 EPSS
Exploits: 1 · References: 3 · Affected Software: 1
OSV
added 2025/05/17 6:36 p.m. · 7 views

CVE-2025-47945 Donetick Has Weak Default JWT Secret

Donetick is an open-source app for managing tasks and chores. Prior to version 0.1.44, the application uses JSON Web Tokens (JWT) for authentication, but the signing secret has a weak default value. While the responsibility is left to the system administrator to change it, this approach is inadequate...

9.1 CVSS · 6.8 AI score · 0.00575 EPSS
Exploits: 1 · References: 5
CNNVD
added 2025/05/17 12:0 a.m. · 1 views

Donetick Security Vulnerability

Donetick is an open source, user-friendly application from Donetick Open Source for managing tasks and chores. A security vulnerability exists in Donetick versions prior to 0.1.44, which stems from a weak JWT signing key default that could lead to account takeover...

9.8 CVSS · 6.5 AI score · 0.00575 EPSS
Exploits: 1 · References: 5
Positive Technologies
added 2025/05/17 12:0 a.m. · 3 views

PT-2025-21802 · Donetick · Donetick

Name of the Vulnerable Software and Affected Versions: Donetick versions prior to 0.1.44. Description: The issue concerns the use of JSON Web Tokens (JWT) for authentication in Donetick, an open-source task management application. Prior to version 0.1.44, the application uses a weak default signing...

9.8 CVSS · 6.8 AI score · 0.00575 EPSS
Exploits: 1 · References: 10